Reverse engineering to achieve maintainable WWW sites

The growth of the World Wide Web and the accelerated development of web sites and associated web technologies has resulted in a variety of maintenance problems. The maintenance problems associated with web sites and the WWW are examined. It is argued that currently web sites and the WWW lack both data abstractions and structures that could facilitate maintenance. A system to analyse existing web sites and extract duplicated content and style is described here. In designing the system, existing Reverse Engineering techniques have been applied, and a case for further application of these techniques is made in order to prepare sites for their inevitable evolution in futur

PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware

PowerShell is nowadays a widely-used technology to administrate and manage Windows-based operating systems. However, it is also extensively used by malware vectors to execute payloads or drop additional malicious contents. Similarly to other scripting languages used by malware, PowerShell attacks are challenging to analyze due to the extensive use of multiple obfuscation layers, which make the real malicious code hard to be unveiled. To the best of our knowledge, a comprehensive solution for properly de-obfuscating such attacks is currently missing. In this paper, we present PowerDrive, an open-source, static and dynamic multi-stage de-obfuscator for PowerShell attacks. PowerDrive instruments the PowerShell code to progressively de-obfuscate it by showing the analyst the employed obfuscation steps. We used PowerDrive to successfully analyze thousands of PowerShell attacks extracted from various malware vectors and executables. The attained results show interesting patterns used by attackers to devise their malicious scripts. Moreover, we provide a taxonomy of behavioral models adopted by the analyzed codes and a comprehensive list of the malicious domains contacted during the analysis

The Transitivity of Trust Problem in the Interaction of Android Applications

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may interact, restricting single applications may create a false sense of security for the end users while data may still leave the mobile phone through other applications. Instead, the information flow needs to be policed for the composite system of applications in a transparent and usable manner. In this paper, we propose to employ static analysis based on the software architecture and focused data flow analysis to scalably detect information flows between components. Specifically, we aim to reveal transitivity of trust problems in multi-component mobile platforms. We demonstrate the feasibility of our approach with Android applications, although the generalization of the analysis to similar composition-based architectures, such as Service-oriented Architecture, can also be explored in the future

Towards maintainer script modernization in FOSS distributions

Free and Open Source Software (FOSS) distributions are complex software systems, made of thousands packages that evolve rapidly, independently, and without centralized coordination. During packages upgrades, corner case failures can be encountered and are hard to deal with, especially when they are due to misbehaving maintainer scripts: executable code snippets used to finalize package configuration. In this paper we report a software modernization experience, the process of representing existing legacy systems in terms of models, applied to FOSS distributions. We present a process to define meta-models that enable dealing with upgrade failures and help rolling back from them, taking into account maintainer scripts. The process has been applied to widely used FOSS distributions and we report about such experiences

A Framework for Datatype Transformation

We study one dimension in program evolution, namely the evolution of the datatype declarations in a program. To this end, a suite of basic transformation operators is designed. We cover structure-preserving refactorings, but also structure-extending and -reducing adaptations. Both the object programs that are subject to datatype transformations, and the meta programs that encode datatype transformations are functional programs.Comment: Minor revision; now accepted at LDTA 200

SMIL State: an architecture and implementation for adaptive time-based web applications

In this paper we examine adaptive time-based web applications (or presentations). These are interactive presentations where time dictates which parts of the application are presented (providing the major structuring paradigm), and that require interactivity and other dynamic adaptation. We investigate the current technologies available to create such presentations and their shortcomings, and suggest a mechanism for addressing these shortcomings. This mechanism, SMIL State, can be used to add user-defined state to declarative time-based languages such as SMIL or SVG animation, thereby enabling the author to create control flows that are difficult to realize within the temporal containment model of the host languages. In addition, SMIL State can be used as a bridging mechanism between languages, enabling easy integration of external components into the web application. Finally, SMIL State enables richer expressions for content control. This paper defines SMIL State in terms of an introductory example, followed by a detailed specification of the State model. Next, the implementation of this model is discussed. We conclude with a set of potential use cases, including dynamic content adaptation and delayed insertion of custom content such as advertisements. © 2009 Springer Science+Business Media, LLC

GAMESPECT: A Composition Framework and Meta-Level Domain Specific Aspect Language for Unreal Engine 4

Game engine programming involves a great number of software components, many of which perform similar tasks; for example, memory allocation must take place in the renderer as well as in the creation routines while other tasks such as error logging must take place everywhere. One area of all games which is critical to the success of the game is that of game balance and tuning. These balancing initiatives cut across all areas of code from the player and AI to the mission manager. In computer science, we’ve come to call these types of concerns “cross cutting”. Aspect oriented programming was developed, in part, to solve the problems of cross cutting: employing “advice” which can be incorporated across different pieces of functionality. Yet, despite the prevalence of a solution, very little work has been done to bring cross cutting to game engine programming. Additionally, the discipline involves a heavy amount of code rewriting and reuse while simultaneously relying on many common design patterns that are copied from one project to another. In the case of game balance, the code may be wildly different across two different games despite the fact that similar tasks are being done. These two problems are exacerbated by the fact that almost every game engine has its own custom DSL (domain specific language) unique to that situation. If a DSL could showcase the areas of cross cutting concerns while highlighting the ability to capture design patterns that can be used across games, significant productivity savings could be achieved while simultaneously creating a common thread for discussion of shared problems within the domain. This dissertation sought to do exactly that- create a metalanguage called GAMESPECT which supports multiple styles of DSLs while bringing aspect-oriented programming into the DSL’s to make them DSAL (domain specific aspect languages). The example cross cutting concern was game balance and tuning since it’s so pervasive and important to gaming. We have created GAMESPECT as a language and a composition framework which can assist engine developers and game designers in balancing their games, forming one central place for game balancing concerns even while these concerns may cross different languages and locations inside the source code. Generality was measured by showcasing the composition specifications in multiple contexts and languages. In addition to evaluating generality and performance metrics, effectiveness was be measured. Specifically, comparisons were made between a balancing initiative when performed with GAMESPECT vs a traditional methodology. In doing so, this work shows a clear advantage to using a Metalanguage such as GAMESPECT for this task. In general, a line of code reduction of 9-40% per task was achieved with negligible effects to performance. The use of a metalanguage in Unreal Engine 4 is a starting point to further discussions concerning other game engines. In addition, this work has implications beyond video game programming. The work described highlights benefits which might be achieved in other disciplines where design pattern implementations and cross-cutting concern usage is high; the real time simulation field and the field of Windows GUI programming are two examples of future domains